postgresql_privs ignores connect_params #450

Closed
JohnAtOlo opened this issue Apr 18, 2023 · 1 comment · Fixed by #451

SUMMARY

connect_params is used in other areas like postgresql_user, but it's not referenced in the postgresql_privs code at all. I cannot set any cert info for just postgresql_privs which is making me have to use the deprecated privs argument on postgresql_user.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

community.postgresql.postgresql_privs

ANSIBLE VERSION
  config file = None
  configured module search path = ['/Users/<name>/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /Users/<name>/.pyenv/versions/3.8.12/lib/python3.8/site-packages/ansible
  ansible collection location = /Users/<name>/.ansible/collections:/usr/share/ansible/collections
  executable location = /Users/<name>/.pyenv/versions/3.8.12/bin/ansible
  python version = 3.8.12 (default, Dec  1 2021, 13:59:46) [Clang 12.0.5 (clang-1205.0.22.11)]
  jinja version = 3.1.2
  libyaml = False
COLLECTION VERSION
ansible-galaxy collection list community.postgresql

# /Users/<name>/.pyenv/versions/3.8.12/lib/python3.8/site-packages/ansible_collections
Collection           Version
-------------------- -------
community.postgresql 2.3.1
CONFIGURATION
No output
OS / ENVIRONMENT

Mac

STEPS TO REPRODUCE

Set connect_params on postgresql_privs; they will be ignored.

- name: Create Role
  community.postgresql.postgresql_user:
    name: "{{ item.key }}"
    db: postgres
    no_password_changes: true
    role_attr_flags: "{{ item.value.role_attr_flags | default('') }}"
    login_host: "{{ teleport_host }}"
    login_port: 443
    login_user: "{{ teleport_db_user }}"
    connect_params:
      sslcert: "{{ db_cert }}"
      sslkey: "{{ db_key }}"
      sslrootcert: "{{ db_ca }}"
  delegate_to: 127.0.0.1
  register: create_role_result

## connect_params is being ignored in "community.postgresql.postgresql_privs"
## Must use deprecated privs block on the user instead....  
- name: Grant privileges
  community.postgresql.postgresql_privs:
    privs: "{{ privilege.privs }}"
    type: "{{ privilege.type }}"
    objs: "{{ privilege.objs }}"
    database: postgres
    role: "{{ item.key }}"

    login_host: "{{ teleport_host }}"
    login_port: 443
    login_user: "{{ teleport_db_user }}"
    connect_params:
      sslcert: "{{ db_cert }}"
      sslkey: "{{ db_key }}"
      sslrootcert: "{{ db_ca }}"
  delegate_to: 127.0.0.1
  register: grant_privileges_result
  loop: "{{ item.value.privileges }}"
  loop_control:
    loop_var: privilege

- name: Grant rds_iam
  community.postgresql.postgresql_membership:
    group: rds_iam
    target_roles:
    - "{{ item.key }}"
    state: present
    db: postgres

    login_host: "{{ teleport_host }}"
    login_port: 443
    login_user: "{{ teleport_db_user }}"
    connect_params:
      sslcert: "{{ db_cert }}"
      sslkey: "{{ db_key }}"
      sslrootcert: "{{ db_ca }}"
  delegate_to: 127.0.0.1
  register: grant_rds_iam_result
EXPECTED RESULTS

postgresql_privs will use connect_params to connect via SSL.

ACTUAL RESULTS

The user will create just fine, the rds_iam will grant just fine, but the privs will fail with an SSL error. connect_params is being ignored. I get the same cert error if I remove the connect_params block from the other sections.

My examples contain connection strings for my environment and would take so much redaction that it wouldn't be verbatim. In the source code it's pretty clear to me that connect params are not used in any way.
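An added example, not code from the community.postgresql collection or from this report: it models how a module is assumed to fold login_* options and connect_params into the psycopg2 connection kwargs, and lists which client-certificate keys never reach libpq when connect_params is dropped as reported. The option mapping, function names, hostnames and file paths are assumptions.

```python
# Added example. The option-to-libpq mapping below is an assumption for
# illustration, not the collection's own table.
LOGIN_TO_LIBPQ = {
    "login_host": "host",
    "login_port": "port",
    "login_user": "user",
    "login_password": "password",
    "database": "dbname",
}
# libpq keys carrying client-certificate material for mutual TLS.
TLS_KEYS = ("sslcert", "sslkey", "sslrootcert")

def build_conn_kwargs(module_params, honor_connect_params=True):
    """Return the kwargs that would be handed to psycopg2.connect().
    honor_connect_params=False reproduces the reported behaviour: the task
    carries connect_params, but they never reach the driver."""
    kwargs = {}
    for opt, libpq_key in LOGIN_TO_LIBPQ.items():
        value = module_params.get(opt)
        if value is not None:
            kwargs[libpq_key] = value
    if honor_connect_params:
        # Explicit connect_params win over login_* values, as in a libpq DSN.
        kwargs.update(module_params.get("connect_params") or {})
    return kwargs

def missing_tls_material(conn_kwargs):
    """Client-cert keys absent from the kwargs; empty means cert, key and CA
    bundle will all be passed to libpq."""
    return [k for k in TLS_KEYS if k not in conn_kwargs]

# Constructed task arguments mirroring the report's playbook (placeholder paths).
TASK_ARGS = {
    "login_host": "db-proxy.example.test",
    "login_port": 443,
    "login_user": "deploy",
    "database": "postgres",
    "connect_params": {
        "sslcert": "/placeholder/client.crt",
        "sslkey": "/placeholder/client.key",
        "sslrootcert": "/placeholder/ca.pem",
    },
}

if __name__ == "__main__":
    for honored in (True, False):
        kw = build_conn_kwargs(TASK_ARGS, honor_connect_params=honored)
        print(f"connect_params honored={honored}: missing {missing_tls_material(kw)}")
```

With connect_params honored the missing list is empty; with them dropped all three certificate keys are absent, which is the silent failure mode behind the SSL error in the report.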
